This update/clarification post explains how the proposed Washington state data breach notification law is really treating encrypted data and how it may actually be expanding the data breach safe harbor exceptions under that law.
Tag Archives: Data Breach Response
Platform Magazine Quotes Tuma Discussing CyberGard: The Public Relations Side of a Data Breach
Thank you to Platform Magazine for quoting me discussing the PR component of my CyberGard – Business Cyber Risk Protection Program in this forward thinking article about the value of getting public relations on board before your company has a data breach. In a recent post I explained why a data breach response must focus on the …
“Defense wins championships” when preparing for the inevitable data breach
“The best strategy to manage the inevitable data breach of your enterprise is to be prepared.” -Adam Greenberg, SC Magazine Exactly–you must prepare on 2 fronts: Defense & Response In a recent article in SC Magazine, Adam Greenberg marches along faithfully with many of us in trying to get you, the business leader, to appreciate the …
Continue reading ““Defense wins championships” when preparing for the inevitable data breach”
Publix hasn’t had a data breach but is already seeking PR help in case it does — good or bad?
This is interesting. Publix grocery store chain has made the news because of data breach — not because they have had a data breach (though they probably have and just don’t know it) — but because it has been learned that it is sending out proposals for PR help in the event it does have …
Gov’t Contractors Must Notify of Data Breach Within 3 days
If your business is a contractor for the federal government, you had better have your data breach response ducks in a row. The moment you detect a breach, the clock starts ticking and you have only 3 days to notify of the breach. Yes, I said 3 days! You better already know who your legal counsel …
Continue reading “Gov’t Contractors Must Notify of Data Breach Within 3 days”
3 Important Questions the State Attorneys General Will Ask Your Company Following A Data Breach
In an earlier blog post I wrote about how [w]hen your company has a data breach, these are the top 3 questions that you will be required to answer: How did the breach happen? What steps did your company take before the breach to protect the data and keep it from happening? What steps is …
3 Important Questions Your Company Must Answer After A Data Breach
Riddle: What has sensitive data, is the target of cyber criminals, and will (almost certainly) have a data breach? Answer: YOUR COMPANY! When your company has a data breach, these are the top 3 questions that you will be required to answer: How did the breach happen? What steps did your company take before the breach …
Continue reading “3 Important Questions Your Company Must Answer After A Data Breach”
The SEC Will Begin Looking at Companies’ IT Security and Data Breach Response Policies
THE POINT: Recent statements from the SEC indicate that the new standard of care for companies may require policies in place for (1) prevention, detection, and response to cyber attacks and data breaches, (2) IT training focused on security, and (3) vendor access to company systems and vendor due diligence. Do you still think your …
Data Security Involves Human Behavior and, Therefore, Is More an Art, Than a Science
I have recently written of how data breach responses and response plans cannot be one-size-fits-all and must be tailored to the unique needs of the company involved, as well as its culture. That is, they must be tailored to fit a company of humans dealing with humans. This morning I read an article that discusses …
Executives – Are You Ready to Lead Your Company Through a Data Breach?
I have handled several data breach incidents for clients as their breach response counsel and, while we have an effective process to implement to help keep clients out of legal hot water, that really is not the most important aspect of handling the incident. The most important issue is how the incident will impact the …
Continue reading “Executives – Are You Ready to Lead Your Company Through a Data Breach?”

You must be logged in to post a comment.